Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[Bug] Wrong Authority created in CreateAuthorityForRequest method call #1606

Closed
wziska opened this issue Jan 31, 2020 · 2 comments
Closed

[Bug] Wrong Authority created in CreateAuthorityForRequest method call #1606

wziska opened this issue Jan 31, 2020 · 2 comments
Assignees
@bgavrilMS
Labels
bug
Milestone
4.9

Comments

@wziska
Copy link

wziska commented Jan 31, 2020

Which Version of MSAL are you using ?
MSAL 4.7.1

Platform
net45, xamarin android, xamarin iOS

What authentication flow has the issue?
Any

Is this a new or existing app?
The app is in production, I haven't upgraded MSAL, but started seeing this issue

Repro

            var publicClientBuilder = PublicClientApplicationBuilder.Create(ClientId)
                .WithLogging((level, msg, pii) => { Console.WriteLine(msg); });

            var clientApp = publicClientBuilder.Build();

            var getTokenResult = await clientApp.AcquireTokenInteractive(Scopes)
                 .WithPrompt(Prompt.SelectAccount)
                 .WithB2CAuthority(CreateAuthorityString("https://login.microsoftonline.com/tfp/<tentant>.onmicrosoft.com/<policy>"))
                 .ExecuteAsync();

Expected behavior
As I added WithB2CAuthority I expect that in Authority.CreateAuthorityForRequest method new B2CAuthority class is instantiated.

Actual behavior
AadAuthority instance is created in Authority.CreateAuthorityForRequest call.

Possible Solution
It seems this behavior was introduced in #1456
Accordingly to comment in

microsoft-authentication-library-for-dotnet/src/client/Microsoft.Identity.Client/Instance/Authority.cs

Line 37 in faabb9c

/// 2. If there is a request authority, try to use it.
we should check AuthorityType in requestAuthorityInfo (if exists). Now requestAuthorityInfo is ignored and only configAuthorityInfo.AuthorityType is considered .
@wziska wziska changed the title [Bug] [Bug] Wrong Authority created in CreateAuthorityForRequest method call Jan 31, 2020
@bgavrilMS bgavrilMS self-assigned this Jan 31, 2020
@bgavrilMS
Copy link
Member

Ack, I can see the problem. To work around it you need to specify an authority when you create the PublicClientApplication. It doesn't matter the policy, as the policy specified in AcquireTokenInteractive will be taken into account.

bgavrilMS added a commit that referenced this issue Feb 24, 2020
@bgavrilMS
Fix for #1606 - use request authority is app authority is not set
2bfb3c2
@bgavrilMS bgavrilMS mentioned this issue Feb 24, 2020
Merged
bgavrilMS added a commit that referenced this issue Feb 26, 2020
@bgavrilMS
Fix for #1606 - use request authority is app authority is not set
b46cbe7
bgavrilMS added a commit that referenced this issue Feb 26, 2020
@bgavrilMS
Fix for #1606 - use request authority is app authority is not set
a27a7d1
@bgavrilMS bgavrilMS added this to the 4.10 milestone Feb 26, 2020
@henrik-me henrik-me modified the milestones: 4.10, 4.9 Mar 5, 2020
@trwalke
Copy link
Member

trwalke commented Mar 6, 2020

Fixed in 4.9.0
https://github.com/AzureAD/microsoft-authentication-library-for-dotnet/releases/tag/4.9.0

@trwalke trwalke closed this as completed Mar 6, 2020
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@bgavrilMS bgavrilMS

Labels
bug
Projects
None yet
Milestone
4.9
Development

No branches or pull requests
4 participants
@wziska @bgavrilMS @trwalke @henrik-me